A look at all things to do with NetScanTools® Products. Inside you will find tips and comments about using our programs and even off topic comments.

Friday, November 14, 2008

dig +trace

If you are curious about how DNS works, you probably should have a look at dig +trace. Dig +trace gives you a hierarchical listing of the DNS servers responsible for each level of a domain name.

The tool starts by going to the top level name servers (you know, the 13 root servers that make DNS work) and asking for the top level domain name servers for .com or .net or .uk or .whatever. Then it picks one of those top level servers and asks for the servers responsible for the next level, like netscantools.com, etc. It does this until it finds the authoritative servers for the hostname or domain name or IP address you entered.

It's great for getting a top down view of how the DNS system works. You can also see if there are problems finding the authoritative servers. You can do this from the unix/linux command line (dig hostname +trace) or from our software.

Here is an example using www.microsoft.com as an input to NetScanTools Pro's Name Server Lookup tool:

(note: these are the authoritative domain servers for handling the queries for hostnames in the microsoft.com domain)microsoft.com. 172800 IN NS ns1.msft.netmicrosoft.com. 172800 IN NS ns2.msft.netmicrosoft.com. 172800 IN NS ns3.msft.netmicrosoft.com. 172800 IN NS ns4.msft.netmicrosoft.com. 172800 IN NS ns5.msft.net;; Received 209 bytes from H.GTLD-SERVERS.NET (192.54.112.30) in 234 ms

With each level, you can see that a number was returned. This is the TTL (time-to-live) for the DNS record in seconds. If you do the dig +trace query again, the numbers for the root servers will be smaller reflecting the time you took between queries.

You can see that ns1 told us that www.microsoft.com is aliased to a server handled by Akamai. It did not tell us the IP address -- we did an 'ANY' query and the CNAME record was all that was returned to us.